McAfee Real Protect: Real-time Behavior Detection technology based tool for Windows

Many may feel the need for a second line of defense on your Windows computer and computer networks, so that you have increased security. By second line of defense, we mean an antimalware that can be run in addition to the main security software. There are many tools such as Microsoft EMET, that can help you. McAfee has now released a new tool called Real Protect, formerly called Raptor, that monitors your computer to block malware before it can do any damage.

McAfee Real Protect or McAfee Raptor, is a real-time behavior detection technology that monitors suspicious activity on an endpoint, by leveraging machine learning and automated, behavioral-based classification in the cloud to detect zero-day malware in real time.

McAfee Real Protect Review

McAfee Raptor

Real Protect, unlike Stinger, employs behavior analytics to figure out malware and isolate them. According to McAfee, Real Protect is a real-time behavior detection technology that monitors activity on the endpoint and if it finds anything suspicious, it blocks them right away.

You can view the blocked items in the window presented by McAfee Real Protect. You can then check the items and choose to clean them instantly or clean them at a later time by clicking on the Dismiss button. The items you quarantine will be available in the Quarantine Window which is displayed when you click on Quarantine in the context menu brought up by right clicking on the Raptor icon in the System Tray.

According to McAfee, Real Protect leverages machine learning and behavioral based classification in the cloud to detect zero-day malware in real time. Right now, the tool is in Beta and available free, and also comes as a bundle with Stinger. McAfee plans to include Real Protect into its future antimalware software.

The best things about McAfee Real Protect is that you do not have to worry about regular definition updates. Once installed, McAfee Real Protect lies in the Notification Area and keeps the system protected. A pop-up window will appear, if it identifies any malware, which you can clean by clicking on the Clean button.

You can also view the Quarantined items using the context menu that appears when you right-click on the system tray icon. You can then delete the items or restore them by selecting the item and clicking on delete or on restore.

McAfee Real Protect is different from the Stinger software.

Though McAfee Stinger bundles Real Protect into the package, it is essentially a standalone package that works using signature files to detect and remove malware. Real Protect, on the other hand, studies the behavior of programs running on the computer and isolates malware based on suspicious actions.

You can view the Real Protect log by right-clicking on the Real Protect System Tray icon and then by clicking on View Log. You can also open the location C:\Program Files\McAfee\ to view the log file in Notepad.

The user has to be alert and needs to take action¬†within 10 minutes, after the malware is found, otherwise the items are just dismissed and will continue to run on the machine. It is always better to click on the “Clean button to clean the affected processes before they can damage your computer in any way.

The footprint of Real Protect is pretty small. It takes seconds to install the software. All you need to do is to download the Raptor installer and run it. The program is automatically installed in the Program Files folder. As soon as the program is installed, it appears in the Windows System Tray. It starts automatically with every boot.

You can download it from here. Read more on it here.

UPDATE: Please read the comment below. McAfee Real Protect or Raptor, like McAfee Stinger installs the McAfee Validation Trust Protection Service, which is difficult to remove, even after the tool is uninstalled. You may want to run McAfee Consumer Products Removal tool to remove this service.

Posted by on , in Category Security with Tags
Anand Khanse is the Admin of, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.


  1. No Malware

    “Running the current releases of McAfee on
    any Windows PC will automatically install the ‘McAfee Validation Trust
    Protection Service’ (mfevtps.exe) to the local machine without a
    prominent notice to the user. There is a reference to it only buried in
    the EULA. Once installed, these files are exceedingly difficult to
    remove. No entry is made in Add/Remove Programs or Uninstall a Program,
    a service is installed and set to automatically start with Windows, the
    service can not be Stopped by the end user.”

    In other words, the software is actually malware. So I ask you, do you want that crap running on your PC? Not me…

  2. I have posted an update towards the end of this post.

  3. No Malware

    Thanks Anand… your site is just too good to mistakenly mislead your followers.

  4. Joyless

    Wow. Well its still there with the Stinger scanner. No uninstaller. I’ll have to remove it by hand. I use Autoruns and Regscanner. If that fails I can drop in a registry that I saved before this stinking thiefware installed itself.

Leave a Reply

Your email address will not be published. Required fields are marked *

5 + 5 =